We recently enabled Managed Connection Pooling on our Cloud SQL Enterprise Plus (Postgres 17) instance and ran into something weird. Hoping someone has seen this before.
Our app connects on port 6432 from GKE, private IP, ssl_mode set to ENCRYPTED_ONLY. We use SQLAlchemy with pool_pre_ping=True. Everything’s been running fine for about a month.
Then today we got hit with ~250 `SSL connection has been closed unexpectedly` errors from psycopg2, all within a 3-minute window. Multiple pods, multiple endpoints, all at the same time. Then it just… stopped. No recurrence since.
We dug into everything we could think of:
- Checked `gcloud sql operations list` — nothing during that window
- Checked postgres.log via Cloud Logging — no disconnections, no FATAL entries for our app user, just normal checkpoint activity
- Checked GKE — no node events, no pod restarts, no migrations
- Checked Cloud SQL audit logs — no API calls at that time
- We didn’t change any config
The frustrating part is there’s basically no way to see what the pooler is doing. The 4 metrics Google gives us (num_pools, client/server connections, avg wait time) don’t tell you anything about drops or restarts. And there are no pooler logs in Cloud Logging at all.
The docs mention the pooler runs as a “cluster of poolers” — so my best guess is one of the poolers in the cluster got recycled and all the clients on it lost their SSL sessions. But I can’t prove it because there’s nothing to look at.
Has anyone else hit this? A few things I’m wondering:
- Can the pooler cluster recycle individual poolers without it showing up anywhere?
- Is there some log source or metric I’m missing?
- Should we just go back to connecting on 5432 directly if we can’t get visibility into this?
Thanks in advance.